Wednesday, 27 June 2012

Comms Data Bill: Battle lines drawn at the Frontline club

Last night, the think tank Demos and the Frontline Club, the London hub for a diverse group of people united by their passion for the best quality journalism, held a session on cyber snooping and the Communications Data Bill. Originally advertised to take place amidst the grand surroundings of the Royal Institution in Mayfair, at the last minute the venue was switched to the debating room at the Frontline Club –which is situated in a part of Paddington that is evidently not going to witness the Olympic flame being paraded past its front door.

The BBC’s Rory Cellan-Jones chaired the session and introduced the speakers, who were Professor Anthony Glees from the University of Buckingham, Isabella Sankey from Liberty, Jamie Bartlett from Demos, and the Rt Hon David Davis MP.

Anthony Glees introduced himself to the audience as: “the skunk at this picnic,” and pointed out that the debate isn't about the interception of communications as we already have legislation in place for that. Nor is it liberty and freedom. It's really about trustfulness. The real problem is a lack of public trust in the security and intelligence community, despite the fact that in the UK we have good and ethical spooks and policemen who practice their tradecraft in an ethical manner. But, Parliament’s Intelligence and Security Committee has simply not done a good enough job to spread the news about just how good these guys are.

In his view, we don’t live in a surveillance state because we simply don’t have enough spooks to justify such a claim. Certainly when compared to the surveillance states of old.

He was optimistic that the Bill would go through.

Jamie Bartlett spoke next, announcing that he was mildly in favour of the Bill. But, the real issue, in his mind, was how the state regulated the investigation of people’s Twitter postings and Facebook accounts, as this “semi public” information probably harvested information that was even more intrusive than much of the communications data that the service providers were expected to retain. We need laws to regulate this stuff, as without a law there always be the potential for real abuses of power to occur.

Jamie sensed that the politicians often didn’t fully appreciate the service requirements of the security establishment, and that it was often too easy to criticise them and the legislation they worked under. There will be technical problems on how the data will be obtained. But, the spooks can't explain what counter measures will be deployed, nor what safeguards will be designed to prevent abuse.

Jamie’s bright idea was that the spooks should be regulated not only by teams of politicians, but also by security cleared members of the public, who can represent independent voices. After all, if the public were entitled to sit on juries, why should they also not be entitled to have a say in how this type of behaviour should be regulated.

Isabella Sankey was up next, announcing that Liberty’s view of the Bill was that it is “rotten to the core.” She made one interesting technical point - what's unclear is whether the technology requires an interception of the content of various communications in order to get the traffic data, which is the only stuff they should really be accessing.

Isabella admitted that it's really hard to measure whether any damage has been done to an individual as a result of the current (and projected) regulatory environment, but even so, Liberty had been inundated with letters from members of the public and its membership has soared as a result of the public debate over the issue. So, even they have seen something good come out of the proposals!

Finally, David Davies spoke. He had considerable political and practical experience of the security agenda, having once served as: “the minister for weapons of mass destruction.” He was really concerned at what can happen when the agencies have relatively unfettered access to giant databases. In his view, the agencies broadly do a good job and they have a problem with this in that they don't have the kit to properly sift through the material that is already available to them. He was worried about the implications of false positive results. He was also worried that the Government was overseeing the creation of a honeypot that would be of interest to practically every divorce lawyer in the country.

David was also concerned at the potential costs of the initiative, and the potential for a breach of security by miscreants hacking into these giant and sensitive on-line databases, which, after all, are opposed in Germany, the Czech Republic and Romania. So, he expects the Bill to get squashed in Parliament. What he might accept was a “fully up fronted warranted Bill” - whatever that is. In his view, the more power you give the agencies, the tougher the oversight needs to be.

His last remark was also pretty telling – “A lot of those who are against the bill are the experts in this business.” And he expected these experts to have their say, later. Personally, I’m not sure just how accurate that assertion is. But we’ll all find out in due course.

Source:
The 90 minute debate was streamed live on the web and is currently available on the Frontline Club’s upstream channel at http://www.ustream.tv/frontlineclub

About Me

I'm Martin Hoskins, and I write this blog to offer somewhat of an irreverent approach to data protection issues. I'm not one of the "high priests" of data protection. I prefer the principles of transparency, fairness, practicality and risk-assessment over tedious technical dogma. In my view, when the law is unfair or impractical, it should be queried.
While I may, occasionally, gently criticise various organisations with which I am or have been associated, I write here in an entirely personal capacity. My comments should never be taken to represent anyone else's views about any of the pressing issues of the day.
There is a much more serious side to my privacy consulting work, but for that you'll need to contact me at Grant Thornton UK LLP, where I'm an Associate Director, leading the UK privacy practice.
I tweet as @DataProtector.
You can contact me at:
martin.c.hoskins@uk.gt.com, or (with respect to my less serious posts) info@martinhoskins.com.